What's new in MineMeld 0.9.7

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

What's new in MineMeld 0.9.7

L7 Applicator

Release Date: 2016-03-24

 

How to update: Updating MineMeld

 

Nodes

- Miner for ProofPoint ET Pro feeds

- Miner for PAN-OS syslog messages, let you extract indicators from PAN-OS logs according to a set of rules

Screen Shot 2016-03-29 at 10.55.39.png

 

UI

- now you can add a new static indicator directly from the NODES page or using the log-links feature of PAN-OS

Screen Shot 2016-03-29 at 10.54.55.png

7 REPLIES 7

L3 Networker

do you have the log link command to allow the firewall add static indicator directly to Minemeld ?

Hi bartoq,

you can use something like this:

set deviceconfig system log-link MineMeld.Src url https://<minemeld address>/#/indicator/add?indicator={src}&indicatorType=IPv4

set deviceconfig system log-link MineMeld.Dst url https://<minemeld address>/#/indicator/add?indicator={dst}&indicatorType=IPv4

 

luigi

Hi Luigi,

 

Could you also please show how the definition of a rule should look like ?

 

Axel.

Hi Axel,

I am working on the documentation of the syslog miner, it should happen early next week.

 

Thanks,

luigi

hi Luigi,

where do I use the miner in the log link ? I only see the indicator type and IP address. shouldnt we configure the miner in the log link as well ?

Hi bartoq,

the link will redirect to a MineMeld page where you can specify the Miners you want to add the indicator to.

 

Screen Shot 2016-04-18 at 09.32.52.png 

Revision on the log link commands, missing the double quotes.

 

set deviceconfig system log-link MineMeld.Src url "https://x.x.x.x/#/indicator/add?indicator={src}&indicatorType=IPv4"

set deviceconfig system log-link MineMeld.Dst url "https://x.x.x.x/#/indicator/add?indicator={dst}&indicatorType=IPv4"

  • 6525 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!